Info Sec news

Quest KACE “K” Icon in System Tray

Purpose: To upgrade KACE agents campus-wide.

Impact: Users not directly impacted, however a new “K” icon will appear in the System Tray in Windows (or Menu bar on Macs) that gives the status of the agent’s connection to the KACE Systems Management Appliance. Icon also allows users or IT service providers to force an inventory update or restart the KACE agent service (a.k.a. “konea”).

Affected: Marshall-owned workstations with KACE agent installed.

IT continues observance of National Cyber Security Awareness Month

The Marshall University Information Technology (IT) department is participating in National Cyber Security Awareness Month (NCSAM) to raise awareness of Cyber Security issues. Throughout the month of October, Marshall IT will continue to share information from the national campaign.

Week 4 will emphasize the importance of securing our critical infrastructure and highlight the roles the public can play in keeping it safe. In addition, it will lead the transition into November’s Critical Infrastructure Security and Resilience Month, which is spearheaded by the U.S. Department of Homeland Security. Our nation’s critical infrastructure runs on the Internet. The systems that enable us to live our daily lives—the electrical systems, financial institutions, transportation systems, and more—are all dependent upon a digital ecosystem. As cybersecurity breaches continue to rise in frequency and scale, it is critical for all Marshall Students, Faculty and Staff to understand their role and take steps to protect our critical infrastructure.

To find out more information and ways to get involved in National Cybersecurity Awareness Month, visit www.marshall.edu/it/ncsam-2018/.

National Cyber Security Awareness Month (NCSAM)- October 2018

The Marshall University Information Technology (IT) department is participating in National Cyber Security Awareness Month (NCSAM) to raise awareness of Cyber Security issues. Throughout the month of October, Marshall IT will be sharing information from the national campaign on Twitter, their website and through newsletter articles.

“The Marshall IT team looks forward to National Cyber Security Awareness Month (NCSAM) as an annual opportunity to share with our campus community a variety of tips and techniques we can all use to protect the data and devices in our digital lives,” said Jon Cutler, chief information security officer. The Marshall Information Technology (IT) team has participated in the national cyber security awareness events since 2011. These annual events are a great opportunity to for each of us to increase our digital security awareness.”

National Cyber Security Awareness Month began in 2004 as a collaborative effort between government and industry to ensure every American has the resources they need to stay safe and secure online. NCSAM is celebrated across the country each October under the leadership of the U.S. Department of Homeland Security and the National Cyber Security Alliance.

“We know folks in the Marshall campus community are concerned about cyber threats but don’t always realize the part they can play in identifying and avoiding these attacks,” Cutler said. “It seems hardly a week goes by that we don’t hear or read about new computer security issue. Especially troubling this past year has been the steady increase of phishing attacks against campus email accounts. We trust you will find each of the weekly topics to be helpful and welcome any feedback in how those messages can be improved.”

Different cyber security topics will be discussed each week including basic online safety and security, workplace cyber security, recognizing and combating cyber-crime, our continuously connected lives and what to do if you are a victim of cyber-crime.

For more information about NCSAM, visit www.staysafeonline.org/ncsam. You are also invited to follow us on Twitter and Facebook and the use of hashtags #MarshallUInfoSec #CyberAware and #StopThinkConnect on Twitter throughout the month of October.

Symantec Endpoint Protection Software Updated to 14.0 RU1 MP2

The Marshall University campus Symantec Endpoint Protection Management (SEPM) Servers and Symantec Endpoint Protection (SEP) client install packages have been upgraded to version 14.0.3929.1200 (Windows/Mac/Linux). This version of Symantec Endpoint Protection includes new features, changes, and improvements regarding customer experience, defects, and support for Windows 10 Spring Creators Update

SEP client patches are being distributed via background update process for managed client installs. Updated client install packages are available on the campus \Distributions share and via web download https://www.marshall.edu/antivirus for new installs and off-site computers.

Please contact the Marshall IT Service Desk at 304-696-3200 or itservicedesk@marshall.edu to report any questions or issues related to the install/upgrade process.

Additional details about this version of SEP and SEPM are available at the following URL:
https://support.symantec.com/en_US/article.DOC10955.html

Safer Internet Day!

Today, February 6, 2018, is Safer Internet Day (SID), a worldwide event aimed at promoting the safe and positive use of digital technology for all users, especially children and teens. This year’s SID theme—Create, Connect and Share Respect: A better Internet starts with you—encourages everyone to play their part in creating a better, safer, and more secure Internet.

NCCIC/US-CERT encourages users to view the Safer Internet Day website to view tips.

Safer Internet Day 2018 logo

Tax Identity Theft

Reminder:  Use caution during tax season to protect yourself against tax identity theft scams!

 

 

 

 

 

 

 

 

 

Marshall University Information Technology (MUIT) wants to warn the Marshall community to be on the look-out for Tax Identity Theft scams. Many federal agencies are offering information and resources to help consumers learn to protect themselves from tax-related identity theft and Internal Revenue Service (IRS) imposter scams.
MUIT along with the National Cybersecurity & Communications Integration Center (NCCIC) and the United States Computer Emergency Readiness Team (US-CERT) encourage consumers to review IRS publication Taxes.Security.Together. and NCCIC/US-CERT Tip Preventing and Responding to Identity Theft. Users can also participate in a series of free webinars and chats on avoiding tax identity theft, hosted by the Federal Trade Commission, IRS, Department of Veterans Affairs, and others.
For more information about Information Security at Marshall University please visit our website: www.marshall.edu/infosec .

MU Alert Test – Spring 2018

Marshall University will be conducting a test of the MU Alert emergency messaging system on Wednesday, January 24, 2018 at 10 a.m.. This is an opt-in service available to MU community members. Subscribers are asked to be sure they receive a message by noon on Wednesday, and if necessary update their contact information via the myMU interface. If the information is correct and no message was received, please email mualert@marshall.edu with details on which method (text, email, and/or voice) did not work and the details for each pertinent method. Please sign up or update your information prior to 5:00 p.m. on Tuesday, January 23rd to be included on the test.

Additional information is available on the MU Alert website.

macOS High Sierra – Critical Security Update

This is an important computer security bulletin from Marshall University Information Technology team directed at Marshall University students, faculty and staff who own or use an Apple Macintosh computer. Apple has released a critical security update which should be applied to all computers which are running macOS High Sierra 10.13. Marshall University IT staff are working to address this issue on University-owned devices; students, faculty and staff need to be aware of this issue needs addressed on personal-owned devices.

What computers are at risk?

If you have an Apple Macintosh computer which is running the current release of macOS High Sierra 10.13 or 10.13.1, you are at risk and need to apply this update ASAP. If you are still running macOS Sierra 10.12.6 or earlier, this update is not needed.

How do I check which version of macOS in on my computer?

Click on the ‘Apple’ icon menu (in the upper left corner of your computer), and select ‘About This Mac’. You should see a pop-up window which will list the operating system name and version (see below):


 

How do I check for and apply needed software updates?

If your computer shows ‘macOS High Sierra Version 10.13 or 10.13.1’, click on the ‘Software Update…’ button in the lower-right of the pop-up. This will launch the Apple ‘App Store’ utility. Click on the ‘Updates’ menu and apply any needed updates. If the App Store shows ‘No Updates Available’, be sure to confirm that these 2 critical updates ‘MacOS 10.13.1 Update’ and ‘Security Update 2017-001’ are listed as being installed:

Please review the links below for further information and assistance

  • Apple Security Update 2017-001

https://support.apple.com/en-us/HT208315

  • Apple releases macOS High Sierra Security Updates

https://9to5mac.com/2017/11/29/macos-root-fix/

  • Marshall University IT Service Desk

https://www.marshall.edu/it/departments/it-service-desk/

  • Marshall University IT Information Security Team

https://www.marshall.edu/infosec

Protecting Your Marshall MUNet/Email Account from Phishing Attacks

Recent Phishing Attacks

Over the past several months, the Office of Information Technology has seen an influx of fraudulent “phishing” messages, many which appear urgent, and are designed to trick account holders into clicking a link (or in some cases, replying to an email) and providing a username and password.

In most cases, these emails have been sent from other Marshall University account holders who have already been victims of these fraudulent messages and thus have had their accounts compromised. Once an account is compromised, it is then being used by a cyber-criminal to distribute more phishing messages to other MUNet/Office365 account holders.

Since the messages are coming from @marshall.edu or @live.marshall.edu addresses, the recipient is more likely to trust the sender and be tricked into clicking a link and logging in to what they think is a legitimate web page. Many of these web pages are designed to look like authentic Marshall University, Microsoft, or financial institution login pages, but are actually capturing credentials.

Prevention and Education

The IT department is doing their best to catch compromised accounts before more phishing messages can be distributed, however, the best way to protect yourself and others is to use caution when checking your email.

ALWAYS be suspicious of any unexpected email messages, regardless of the source, which include file attachments, web URLs, or are written with a sense of urgency and require you to provide credentials or other personal information.

Phishing Examples

Below are a few examples of recent phishing messages. Notice that each includes hyperlinked text which, when the mouse is hovered over, reveals a web address that is NOT a marshall.edu or microsoft.com address. Also, these messages have a sense of urgency and ask that the recipient verify information. Marshall University will never send you unsolicited email asking you to verify your password or personal information, nor will any other trusted organization.

If You Receive A Fraudulent Email

  1. (Optional) Report a suspicious email sent to your @marshall.edu or @live.marshall.edu email address by forwarding the message to phishing@marshall.edu. YOu will receive an auto-reply confirming receipt of the message as well as additional instructions.
  2. Delete the message from your inbox
  3. As long as you did not attempt to open the attachment, reply/click on the web link, or provide any personal information, no additional action is needed; however…
  4. If you attempted to open an attachment or visited a website where you submitted your username, password or other sensitive information, you should immediately contact the Marshall IT Service Desk at (304)-696-3200 / itservicedesk@marshall.edu.

Protecting Yourself From Email Fraud(AKA Phishing)

Phishing Scams


InfoSec Tips #7: Don’t Be Tricked

Tip 7: Don’t Be Tricked

 
 

This alert was also sent to the Marshall community via e-mail